Security News
Medibank, Australia's largest private health provider, has confirmed that last week's "Cyber incident" has resulted in a data breach. Medibank Group took action: they engaged cyber security firms and began "Isolating and removing access to some customer-facing systems to reduce the likelihood of damage to systems or data loss."
Europol this week said it has arrested 31 people in a crackdown on a car-theft ring that developed and used a technique to steal keyless vehicles. The thieves were apparently able to update or manipulate the cars' software so that the doors could be opened and engine started without needing the owner's wireless keyfob.
The leaked emails, according to Solomon's lawsuit, "Presented suggestive language creating a wrongful appearance of alleged improper, unethical and/or fraudulent dealings between Mr Solomon and Mr Azima that never occurred." For one, Georgia ceased its visa-free policy for Iranian nationals in July that year, and froze 150 Iranian bank accounts in the country, Solomon's complaint stated.
Uber's security compromise earlier this month is an unfortunate result of concerns left over from an attack the company sustained in 2016 when a pair of hackers outside of Uber accessed user data that was stored on a 3rd-party server. While MFA can guard against attacks using stolen credentials, that doesn't protect against what could happen if a hacker has credentials and uses them for a more advanced attack.
Australian telecom giant Optus on Monday confirmed that nearly 2.1 million of its current and former customers suffered a leak of their personal information and at least one form of identification number as a result of a data breach late last month. "Approximately 1.2 million customers have had at least one number from a current and valid form of identification, and personal information, compromised," Singtel said in an announcement made on its website.
Russian retail chain 'DNS' disclosed yesterday that they suffered a data breach that exposed the personal information of customers and employees. While the firm has not provided details on what information was compromised, it clarified that the hackers didn't steal user passwords and payment card data, as that data isn't stored on their systems.
Several hacktivist groups are using Telegram and other tools to aid anti-government protests in Iran to bypass regime censorship restrictions amid ongoing unrest in the country following the death of Mahsa Amini in custody. The company said it has also witnessed sharing of proxies and open VPN servers to get around censorship and reports on the internet status in the country, with one group helping the anti-government demonstrators access social media sites.
One of them concerns CVE-2022-36934, a critical integer overflow vulnerability in WhatsApp that results in the execution of arbitrary code simply by establishing a video call. The issue impacts the WhatsApp and WhatsApp Business for Android and iOS prior to versions 2.22.16.12.
The City of London police announced on Twitter today the arrest of a British 17-year-old teen suspected of being involved in recent cyberattacks. While there are no details about the investigation, the arrest is believed to be tied to the Lapsus$ hacking group, which is suspected to be behind recent cyberattacks on Uber, Rockstar Games, and 2K. During last year's attacks, the Lapsus$ hacking group was said to be led by a threat actor named 'White' or 'BreachBase,' who was doxxed as allegedly a 16-year-old teen from the UK. This hacking group is responsible for numerous high-profile attacks, including Microsoft, Cisco, NVIDIA, Samsung, and Okta.
GitHub has put out an advisory detailing what may be an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication codes by impersonating the CircleCI DevOps platform. The fraudulent messages claim to notify users that their CircleCI sessions have expired and that they should log in using GitHub credentials by clicking on a link.